SFTP Connection Setup Details

Recently I have been configuring SFTP servers in the lab. As part of this work, I have been trying to understand exactly what occurs when the client establishes a connection with the SFTP server. I have been doing this by capturing packets and examining the detailed debug output of the client and server during the initial connection process. This article will provide details that I have observed about what happens during the unencrypted setup of the connection used by SFTP, hopefully organized in a manner that that make sense and explains the process.

Sftp Connection Packet Capture

Sending FTP files more securely using PGP

FTP is a very unsecure method for transferring files, but unfortunately it is still in use by a number of corporations to day.  Normally when it is used, some type of additional encryption such as PGP is used to encrypt the contents of the file being transferred.  In this article we will examine the details of how a unencrypted file is sent using FTP and then we will repeat the process with a file encrypted using PGP.

Sending Ftp Files More Securely Using PGP

Using a Single Self-Signed Certificate for 2 Different URLs in Apache Web Server

This article shows how to use OpenSSL to create a private key, public key and a self signed certificate.  It also shows how to configure Apache web server to use the private key and certificate to access an SSL URL.  Finally, OpenSSL is used to create a single self-signed certificate to access 2 different URLs in Apache web server.

Self Signed Certificate 2 Urls

Manual configuration of Oracle RAC user equivalence (SSH key-based authentication) on Centos 6

I am continuing my research into the requirements for installing and configuring Oracle RAC. One of the requirements is that each RAC node needs the ability to login to other nodes without providing a password. The Oracle community refers to this as SSH user equivalence, but it is also referred to as SSH key based authentication. SSH will use public/private key authentication between the nodes instead of passwords. This configuration is useful for scripts and programs that must communicate between the RAC nodes since they do not need to be configured to use a password. Continue reading

Creating Shared Disks in VMware ESXi 5.1

This article details how to create a set of disks that can be shared between 2 VMware guest servers.  I discovered this process while researching how to install an Oracle RAC database.  This is a clustered database that requires shared storage among all of the servers in the cluster.  There are many ways to created shared storage, depending on the type of servers and whether virtualization is being used.  In a related article I have previously documented how to use VMware VSAN to create a shared storage solution under ESXi 5.5.

This article assumes that you already have 2 guest servers created.  Here I will be using Centos Linux 6.  You will also need to have the vSphere client (VCLI) installed on a Windows workstation that can be used to access the ESXi server directly.  VCLI can be downloaded from the VMware site. Continue reading

Updates to the process for adding PIP to Python 2.6 under Centos 6.2

The main reason that I document the detailed processes for performing system administration tasks in this site is for me.  I know that others enjoy reading these processes and also find them helpful, but my primary target audience is myself.  Normally I forget the steps that I perform fairly quickly after I complete a task.  Over the years I have found it most helpful to document the steps on the web since I can easily find them and repeat the process whenever needed, wherever I happen to be.

Recently, I had the opportunity to refer back to one of my articles I had written a few months before on how to install the python-pip package for Python 2.6 running under Centos 6.  I was planning on using the Boto API to create and modify infrastructure in AWS.  Unfortunately, I had repurposed the original server that had Boto installed.  I needed to use Pip to add Boto to a new Centos 6 server, and of course this required that I install Pip first.  Since I had written the process so recently, I was very surprised when I ran into errors when trying to use it just a few months later. Continue reading